Modeling the Impact of Cyber Attacks
In this chapter, we continue exploring how resilient is a network to a failure propagating through it; however, now we also include an explicit treatment of specific causes of failure – malicious activities of the cyber attacker. This chapter considers cyber attacks and the ability to counteract their implementation as the key factors determining the resilience of computer networks and systems. Indeed, cyber attacks are the most important among destabilizing forces impacting a network. Moreover, the term cyber resilience can be interpreted as the stability of computer networks or systems operating under impact of cyber attacks. The approach in this chapter involves the construction of analytical models to implement the most well-known types of attacks. The result of the modeling is the distribution function of time and average time of implementation of cyber attacks. These estimates are then used to find the indicators of cyber resilience. To construct analytical models of cyber attacks, this chapter introduces an approach based on the stochastic networks conversion, which works well for modeling multi-stage stochastic processes of different natures.
KeywordsCyber security Cyber attacks Attack modeling Cyber resilience Stochastic networks Laplace transform
This research is being supported by the grants of the Russian Foundation of Basic Research (16-29-09482, 18-07-01369, 18-07-01488), partial support of the budgetary subject АААА-А16-116033110102-5, and by the Government of the Russian Federation, Grant 074-U01.
- Ahuja, S. P. (1998). COMNET III: A network simulation laboratory environment for a course in communications networks. In 28th Annual Frontiers in Education Conference (FIE ‘98) (vol. 3, pp. 1085–1088)Google Scholar
- Bartol, N., Bates, B., Goertzel, K. M., & Winograd, T. (2009). Measuring cyber security and information assurance, Information Assurance Technology Analysis Center. https://www.csiac.org/wp-content/uploads/2016/02/cybersecurity.pdf
- Bengio, Y., Thibodeau-Laufer, E., Alain, G., & Yosinski, J. (2014). Deep generative stochastic networks trainable by backprop. http://arxiv.org/abs/1306.1091
- Bodeau, D., Graubart, R., Heinbockel, W., & Laderman, E. (2015). Cyber resiliency engineering aid – The updated cyber resilience engineering framework and guidance on applying cyber resiliency techniques. MITRE Corporation. http://www.defenseinnovationmarketplace.mil/resources/20150527_Cyber_Resiliency_Engineering_Aid-Cyber_Resiliency_Techniques.pdf
- Collier, Z. A., Panwar, M., Ganin, A. A., Kott, A., & Linkov, I. (2016). Security metrics in industrial control systems. In E. Colbert & A. Kott (Eds.), Cyber-security of SCADA and other industrial control systems. Advances in information security (Vol. 66, pp. 167–185). Cham: Springer.CrossRefGoogle Scholar
- Cyber Resilience Review (CRR): Method Description and Self-Assessment User Guide. (2014). Software Engineering Institute, Carnegie Mellon University. https://www.us-cert.gov/sites/default/files/c3vp/csc-crr-method-description-and-user-guide.pdf
- Dudorov, D., Stupples, D., & Newby, M. (2013). Probability analysis of cyber attack paths against business and commercial enterprise systems. In 2013 European Intelligence and Security Informatics Conference (pp. 38–44).Google Scholar
- Ganin, A. A., Massaro, E., Gutfrain, A., Steen, N., Keisler, J. M., Kott, A., Mangoubi, R., & Linkov, I. (2015, August). Operational resilience: Concepts, design and analysis, Scientific Reports. https://doi.org/10.1038/srep19540.
- Goldman, R. P. (2002). A stochastic model for intrusions. In Proceedings of the 5th International Symposium on Recent Advances in Intrusion Detection (RAID 2002) (pp. 199–218).Google Scholar
- Jansen, W. (2009). Directions in Security Metrics Research, National Institute of Standards and Technology. http://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7564.pdf
- Kotenko, I., & Chechulin, A. (2013). A Cyber attack modeling and impact assessment framework. In Proceedings of the 5th IEEE International Conference on Cyber Conflict (CyCon) (pp. 1–24).Google Scholar
- Kotenko, I., & Doynikova, E. (2014). Evaluation of computer network security based on attack graphs and security event processing. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), 5(3), 14–29.Google Scholar
- Kotenko, I., & Doynikova, E. (2017). Selection of countermeasures against network attacks based on dynamical calculation of security metrics. Journal of Defence Modeling and Simulation: Applications, Methodology, Technology. http://journals.sagepub.com/doi/abs/10.1177/1548512917690278.
- Linkov, I., et al. (2013). Measurable resilience for actionable policy. Environmental Science & Technology, 47, 10108–10110.Google Scholar
- Matlof, N. From algorithms to Z-Scores: Probabilistic and statistical modeling in computer science. http://heather.cs.ucdavis.edu/probstatbook
- National Research Council. (2012). Disaster resilience: a national imperative. Washington, DC: National Academies Press. http://resilience.abag.ca.gov/wp-content/documents/resilience/toolkit/Disaster%20Recovery_A%20National%20Imperative%20Exec%20Summary.pdf
- OPNET Technologies, Inc. http://www.opnet.com/
- PTC Mathcad – PTC. http://www.ptc.com/engineering-math-software/mathcad
- Sterbenz, J. P. G., Hutchison, D., Çetinkaya, E., Jabbar, A., Rohrer, J. P., Schöller, M., & Smith, P. (2010, June). Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines. Computer Networks: Special Issue on Resilient and Survivable Networks (COMNET), 54(8), 1245–1265.CrossRefGoogle Scholar
- Sterbenz, J. P. G., Çetinkaya, E. K., Hameed, M. A., Jabbar, A, & Rohrer, J. P. (2011, January). Modelling and analysis of network resilience (invited paper). In The Third IEEE International Conference on Communication Systems and Networks (COMSNETS) (pp. 1–10). Bangalore, India.Google Scholar
- Williams, J. (1973). Laplace transforms, Problem solvers. London: George Allen & Unwin.Google Scholar
- Zöhrer, M., & Pernkopf, F. (2014). General stochastic networks for classification. Advances in Neural Information Processing Systems, 27, 2015–2023.Google Scholar